fedoraproject

5,420 tracked vulnerabilities.

CVE-2022-34169 HIGH
Apache Xalan <2.7.3 - Code Injection
Jul 19, 2022
CVSS 7.5
EPSS 0.11
CVE-2022-32323 HIGH
autotrace 0.40.0 - Heap Overflow in ReadImage Function
Jul 14, 2022
CVSS 7.3
EPSS 0.00
CVE-2022-23825 MEDIUM
AMD Processors - Info Disclosure
Jul 14, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-32215 MEDIUM
llhttp <14.20.1, <16.17.1, <18.9.1 - HTTP Request Smuggling via Multi-line Transfer-Encoding Header
Jul 14, 2022
CVSS 6.5
EPSS 0.86
CVE-2022-32213 MEDIUM
llhttp < 2.1.5 - HTTP Request Smuggling via Transfer-Encoding Header
Jul 14, 2022
CVSS 6.5
EPSS 0.86
CVE-2022-32212 HIGH
Node.js <14.20.0, <16.20.0, <18.5.0 - OS Command Injection via IsAllowedHost Bypass
Jul 14, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-29187 HIGH
Git <2.37.1-2.30.5 - Privilege Escalation
Jul 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-29901 MEDIUM
Intel Core i7 Firmware - Spectre Retpoline Bypass Exposes Sensitive Information
Jul 12, 2022
CVSS 5.6
EPSS 0.00
CVE-2022-29900 MEDIUM
AMD APU Firmware - Arbitrary Speculative Code Execution
Jul 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-2345 HIGH
vim < 9.0.0046 - Use-After-Free
Jul 08, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-2344 HIGH
vim/vim <9.0.0045 - Buffer Overflow
Jul 08, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-2343 HIGH
vim/vim <9.0.0044 - Buffer Overflow
Jul 08, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-32208 MEDIUM
curl 7.16.4-7.83.1 - Man-In-The-Middle Attack via FTP KRB5 Message Verification Failure
Jul 07, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-32207 CRITICAL
curl 7.69.0-7.83.1 - Unauthenticated File Permission Overwrite via Atomic Rename
Jul 07, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-32206 MEDIUM
curl < 7.84.0 - Denial of Service via Unbounded HTTP Compression Chain
Jul 07, 2022
CVSS 6.5
EPSS 0.03
CVE-2022-32205 MEDIUM
curl 7.71.0-7.84.0 - Denial of Service via Excessive Set-Cookie Headers
Jul 07, 2022
CVSS 4.3
EPSS 0.02
CVE-2022-31129 HIGH
moment 2.18.0-2.29.3 - Denial of Service via RFC2822 Date Parsing
Jul 06, 2022
CVSS 7.5
EPSS 0.03
CVE-2022-31117 MEDIUM
UltraJSON <5.4.0 - Memory Corruption
Jul 05, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-31116 HIGH
ultrajson < 5.4.0 - Key Confusion and Value Overwrite via Improper Surrogate Pair Decoding
Jul 05, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-33742 HIGH
Linux - Info Disclosure
Jul 05, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-33741 HIGH
Linux - Info Disclosure
Jul 05, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-33740 HIGH
Linux - Info Disclosure
Jul 05, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-2304 HIGH
vim < 9.0.0035 - Stack-based Buffer Overflow
Jul 05, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-26365 HIGH
Linux disk/nic frontends - Info Disclosure
Jul 05, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-2097 MEDIUM
OpenSSL 1.1.1-1.1.1p and 3.0.0-3.0.4 - Data Exposure via AES OCB Mode on 32-bit x86 Platforms
Jul 05, 2022
CVSS 5.3
EPSS 0.01
Products
fedora 5,351 extra_packages_for_enterprise_linux 76 389_directory_server 39 sssd 18 fedora_core 8 389_administration_server 1 anaconda 1 arm_installer 1 commons 1 coolkey 1 crypto-utils 1 fedmsg 1 fedora_linux_kernel 1 python-fedora 1 sectool 1 selinux-policy 1 spin-kickstarts 1 supybot-fedora 1 unbound 1
Quick Filters
Critical CVEs With Exploits In CISA KEV